When run, the tool extracts seven key attributes from every analyzed binary file and compares them to data obtained by running the J48, J48 Graft, PART, and Ridor machine-learning algorithms on a set of 100,000 malicious programs and 16,000 clean ones, Raman said.

“Malware classification can be a difficult task for even experienced analysts, especially in the modern era of highly obfuscated code, binaries that are designed to evade scanners and anti-malware applications. Determining whether an odd binary is potentially malicious can be a frustrating and time-consuming task”.